diff options
-rw-r--r-- | README | 1 | ||||
-rw-r--r-- | README.md | 4 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/gnome-chess.profile | 20 | ||||
-rw-r--r-- | etc/vlc.profile | 6 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
7 files changed, 29 insertions, 5 deletions
@@ -83,6 +83,7 @@ Fred-Barclay (https://github.com/Fred-Barclay) | |||
83 | - added jitsi profile | 83 | - added jitsi profile |
84 | - pidgin private-bin conversion | 84 | - pidgin private-bin conversion |
85 | - added eom profile | 85 | - added eom profile |
86 | - added gnome-chess profile | ||
86 | Jaykishan Mutkawoa (https://github.com/jmutkawoa) | 87 | Jaykishan Mutkawoa (https://github.com/jmutkawoa) |
87 | - cpio profile | 88 | - cpio profile |
88 | Paupiah Yash (https://github.com/CaffeinatedStud) | 89 | Paupiah Yash (https://github.com/CaffeinatedStud) |
@@ -186,7 +186,7 @@ Office: evince, gthumb, fbreader, pix, atril, xreader, | |||
186 | 186 | ||
187 | Chat/messaging: qtox, gitter, pidgin | 187 | Chat/messaging: qtox, gitter, pidgin |
188 | 188 | ||
189 | Games: warzone2100 | 189 | Games: warzone2100, gnome-chess |
190 | 190 | ||
191 | Weather/climate: aweather | 191 | Weather/climate: aweather |
192 | 192 | ||
@@ -197,5 +197,5 @@ Browsers: Palemoon | |||
197 | ## New security profiles | 197 | ## New security profiles |
198 | 198 | ||
199 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom, jitsi, eom, uudeview | 199 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom, jitsi, eom, uudeview |
200 | tar (gtar), unzip, unrar, file, skypeforlinux | 200 | tar (gtar), unzip, unrar, file, skypeforlinux, gnome-chess |
201 | 201 | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index ed7710728..01e68506d 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -128,3 +128,4 @@ blacklist ${HOME}/.local/share/xplayer | |||
128 | blacklist ${HOME}/.local/share/totem | 128 | blacklist ${HOME}/.local/share/totem |
129 | blacklist ${HOME}/.local/share/psi+ | 129 | blacklist ${HOME}/.local/share/psi+ |
130 | blacklist ${HOME}/.local/share/pix | 130 | blacklist ${HOME}/.local/share/pix |
131 | blacklist ${HOME}/.local/share/gnome-chess | ||
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile new file mode 100644 index 000000000..e93970f7d --- /dev/null +++ b/etc/gnome-chess.profile | |||
@@ -0,0 +1,20 @@ | |||
1 | # Firejail profile for gnome-chess | ||
2 | noblacklist /.local/share/gnome-chess | ||
3 | |||
4 | include /etc/firejail/disable-common.inc | ||
5 | include /etc/firejail/disable-devel.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-passwdmgr.inc | ||
8 | |||
9 | caps.drop all | ||
10 | net none | ||
11 | nogroups | ||
12 | nonewprivs | ||
13 | noroot | ||
14 | nosound | ||
15 | seccomp | ||
16 | shell none | ||
17 | tracelog | ||
18 | |||
19 | private-bin gnome-chess | ||
20 | private-dev | ||
diff --git a/etc/vlc.profile b/etc/vlc.profile index 1a6e5a151..c82247dd2 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -8,12 +8,12 @@ include /etc/firejail/disable-passwdmgr.inc | |||
8 | 8 | ||
9 | caps.drop all | 9 | caps.drop all |
10 | netfilter | 10 | netfilter |
11 | nogroups | ||
11 | nonewprivs | 12 | nonewprivs |
12 | noroot | 13 | noroot |
13 | protocol unix,inet,inet6 | 14 | protocol unix,inet,inet6 |
14 | seccomp | 15 | seccomp |
15 | |||
16 | |||
17 | # to test | ||
18 | shell none | 16 | shell none |
17 | tracelog | ||
18 | |||
19 | private-bin vlc,cvlc,nvlc,rvlc,qvlc,svlc | 19 | private-bin vlc,cvlc,nvlc,rvlc,qvlc,svlc |
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index c8eda3cb4..d2ee3a83e 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -44,6 +44,7 @@ | |||
44 | /etc/firejail/flashpeak-slimjet.profile | 44 | /etc/firejail/flashpeak-slimjet.profile |
45 | /etc/firejail/franz.profile | 45 | /etc/firejail/franz.profile |
46 | /etc/firejail/gitter.profile | 46 | /etc/firejail/gitter.profile |
47 | /etc/firejail/gnome-chess.profile | ||
47 | /etc/firejail/gnome-mplayer.profile | 48 | /etc/firejail/gnome-mplayer.profile |
48 | /etc/firejail/google-chrome-beta.profile | 49 | /etc/firejail/google-chrome-beta.profile |
49 | /etc/firejail/google-chrome-stable.profile | 50 | /etc/firejail/google-chrome-stable.profile |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 48e205a58..c909e6903 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -78,6 +78,7 @@ wine | |||
78 | 78 | ||
79 | # games | 79 | # games |
80 | 0ad | 80 | 0ad |
81 | gnome-chess | ||
81 | hedgewars | 82 | hedgewars |
82 | steam | 83 | steam |
83 | wesnot | 84 | wesnot |